mahara-contributors team mailing list archive

[Rob Slagter <1715198@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

Remove check for low security (i.e. not random enough) session IDs on ini variable session.entropy_length which is removed in php7.1. This check is done in mahara/htdocs/lib/upgrade.php 
+  [ ] // Check for low security (i.e. not random enough) session IDs
+    if ((int)ini_get('session.entropy_length') < 16) {
+        $warnings[] = get_string('notenoughsessionentropy', 'error');
+    }
+

** Affects: mahara
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1715198

Title:
  PHP  ini variable session.entropy_length removed in php7.1

Status in Mahara:
  New

Bug description:
  Remove check for low security (i.e. not random enough) session IDs on ini variable session.entropy_length which is removed in php7.1. This check is done in mahara/htdocs/lib/upgrade.php 
  +  [ ] // Check for low security (i.e. not random enough) session IDs
  +    if ((int)ini_get('session.entropy_length') < 16) {
  +        $warnings[] = get_string('notenoughsessionentropy', 'error');
  +    }
  +

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1715198/+subscriptions